|
|
Re: of signals and packets: msg#00007security.ids.snort.devel
Hi, On 8/9/06, Russell Fulton <r.fulton@xxxxxxxxxxxxxx> wrote: > No packets, no interrupts! > > I wonder if it would be worth while to feed in dummy packet once a > second to catch signal when there is no traffic. Bad hack, better approach might be using int pcap_get_selectable_fd(pcap_t *p); in combination with poll / select, so you can specify a timeout of lets say 200ms, and check whatever you need then. If done right, one could even poll sockets from modules (which log to a database). MfG Markus Koetter ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 |
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| Previous by Date: | of signals and packets: 00007, Russell Fulton |
|---|---|
| Next by Date: | Re: of signals and packets: 00007, Steven Sturges |
| Previous by Thread: | of signals and packetsi: 00007, Russell Fulton |
| Next by Thread: | Re: of signals and packets: 00007, Steven Sturges |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
| News | FAQ | advertise |